ISO 27001 certification
Reliable information security with ISO 27001
Outdated technology, misuse of IT and malware infections can all lead to cybercrime, IT failures, espionage and data misuse. How should you implement a strong information security strategy? ISO 27001 certification gives you this opportunity, letting you protect confidential information in your organization. DEKRA is happy to test your organization against the international ISO/IEC 27001 standards.
The certification process
2. Determine the information security objectives.
3. Develop a methodology for risk assessment and risk treatment.
4. Establish a statement of applicability (SoA).
5. Draw up a risk management plan and risk assessment report.
6. Establish security roles and responsibilities.
7. Draw up a resource list for technical measures.
8. Ensure acceptable use of resources.
9. Establish guidelines, for example for access control in accordance with Annex A of ISO 27001.
- Our experts have many years of experience in information security and certification of management systems.
- We audit with recognition of the people in your organization. We call this People-Based Auditing.
- DEKRA certification is recognized worldwide.
- With us you can also combine the ISO 27001 standard with others, e.g., with NEN 7510, ISO 20000-1 or ISO 9000. This lets us carry out audits efficiently, saving you time and money.
People Based Auditing (PBA)
New version ISO/IEC 27001:2022
- Chapters 4 to 10 are structured according to the Harmonized Structure.
- Annex A of the standard is divided into 4 chapters (according to ISO/IEC 27002:2022):
  - A. organizational measures
  - B. personnel measures
  - C. physical measures
  - D. technological measures
- Several measures have been combined.
- 11 new measures have been added.